Set restrictive file permissions on Ceph keyrings for non-containerized deployment
Pass mode parameter 0640 and user and group ownership to puppet-ceph for
Ceph openstack client keyrings during non-containerized deployment.
Author: Keith Schincke <kschinck@redhat.com>
Co-Author: John Fulton <fulton@redhat.com>
Change-Id: Iccb24f5c2ee639ad2bc0869a37cec305f32b9fd1
Depends-On: Ie968e6abc6969c37be0a62ac45999093120673d4
Partial-Bug: #1720787
(cherry picked from commit bdf1ade1b9
)
This commit is contained in:
parent
7e4e8ab775
commit
8bf46a66e6
|
@ -132,7 +132,9 @@ outputs:
|
|||
cap_mon: 'allow profile bootstrap-osd'
|
||||
CEPH_CLIENT_KEY:
|
||||
secret: {get_param: CephClientKey}
|
||||
mode: '0644'
|
||||
mode: '0640'
|
||||
user: 'ceph'
|
||||
group: 'ceph'
|
||||
cap_mon: 'allow r'
|
||||
cap_osd:
|
||||
str_replace:
|
||||
|
|
Loading…
Reference in New Issue